Cyber Security Analyst

Are you ready for a career that creates meaningful impact? Here's your opportunity to work for an organisation that informs and challenges government to improve outcomes for citizens.

For over 200 years, the Auditor-General has assisted the Parliament of New South Wales to hold government accountable for its use of public resources.

Recognised as a centre of excellence in professional services, the Audit Office of New South Wales is an independent integrity agency. We conduct financial and performance audits across a diverse range of portfolios such as health, education, transport, local government, environment, justice, community services, industry and more.

Our work is diverse, challenging and meaningful. Our people interact with diverse stakeholders regularly, and embrace opportunities to positively impact the lives of NSW citizens. A career at the Audit Office is more than you imagine.

We have a people-focused culture, supported by corporate values that encourage pride in purpose, curiosity and open-mindedness, courage and integrity.  Our diverse backgrounds, perspectives and experiences help us deliver high standards of work that reflects the communities we operate in.​

At the Audit Office, you won't just fit in. You'll belong.

Joining the Audit Office means being part of a team dedicated to excellence, integrity, and making a tangible difference for the people of NSW.

We are seeking an experienced Cyber Security Analyst.  In this role you will monitor and act on information security alerts to ensure the confidentiality, integrity and availability of the information assets of the Audit Office.  You will also work collaboratively as part of the broader agile information technology team and provide security advice and guidance with regards to operational activities and requests.

Key responsibilities of this role include:

• Support and continually improve security compliance with the Audit Office's Information Security Management System (ISMS) and support regular testing of security controls in place to meet business objectives.

• Daily review of automated alerts and other sources of intelligence, with the intent to actively hunt for and defend against threats to the infrastructure, data and security of the Audit Office.

• Determining real incidents from false positives or escalating unclear indicators.

• Promptly handling identified incidents, including collection of appropriate evidence, clearly presenting findings and recommending courses of action.

• Assist the Information and Security Architect in improving cyber security awareness across the Audit Office, including the delivery of training.

• Contribute to the development of a range of Security Standard Operating Procedures for responding to common incidents.

• Work collaboratively with the operations and delivery teams to support them in understanding and responding to security requirements and threats.

• Ensuring information related to security incidents is stored securely and in line with the Audit Office's record keeping requirements.

• Be aware of and abide by the controls set out in the Audit Office's Information Security Management System (ISMS) and the supporting policies.

• Deliver specific corporate/team objectives as agreed to achieve the vision, mission, values, goals and strategies of the Audit Office.

• Ensure compliance with the Audit Office Code of Conduct and all other internal policies, business rules and procedures including records management and workplace health and safety policies.

We will challenge and develop you, encourage your curiosity, open-mindedness and courage. A bird's eye view of the whole state government is on offer, a unique opportunity that few professionals are exposed to. ​

Our audits are purposeful and are determined each year to reflect the contemporary challenges that NSW faces, providing you with the opportunity to work on a variety of issues and challenges.

We value the growth and development of our people, with leaders who guide and mentor on your  professional journey. With a focus on wellbeing, we support you to perform at your best and achieve meaningful outcomes in your role.

We are seeking someone with good professional judgment skills to solve complex problems and someone who can uphold ethical values when investigating information. You will bring your strong interpersonal skills and contemporary cyber security knowledge to the role. The ideal candidate will have the ability to develop and maintain effective working relationships with senior management, employees and other key stakeholders.

You will also need:

• Relevant tertiary qualification in Computer Science and/or relevant industry experience.
• Experience with Microsoft Security Suite of products.
• Strong understanding of security concepts, including Data Loss Prevention, Encryption, Single Sign On, Multi-Factor Authentication, Certificate-based authentication.
• Experience with security technologies, including Firewalls, web filtering, NAC, IDS/ IPS, SSO, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management.
• Awareness of MITRE ATT&CK framework.
• Demonstrable understanding of Industry trends and emerging threats.
• To be an Australian permanent resident or citizen or New Zealand citizen.

We provide genuine flexibility in the way we work, along with competitive benefits.

On offer is a 35-hour work week and a total remuneration package (including superannuation) from $119,689 to $150,940 per annum depending on your experience, skills and capabilities.

The Audit Office is a rewarding, challenging and impactful place to work where we value diversity and take a collaborative approach to 'getting things done'. Here you can have a rewarding career with purpose, and real work-life balance as well as unique opportunities for professional development and personal growth. You will work with friendly, talented colleagues to solve complex problems and work with high-profile clients.

The Audit Office is committed to supporting flexible working arrangements to create a diverse, skilled and motivated workforce capable of delivering quality products and efficient services. Our standard way of working requires you to work at least 50% of contracted hours from either our head office, an auditee location, or a related worksite. If required, you can balance your attendance on-site over a month, with a minimum of one day per week in one of these locations.

Our diverse backgrounds, perspectives and experiences help us deliver high standards of work that reflects the communities we operate in.  The Audit Office of New South Wales values diversity and inclusion in the workplace. We welcome and encourage applications from people of all genders, ages, backgrounds, Aboriginal and Torres Strait Islander people, people with a disability, and those from culturally and linguistically diverse groups.  If you are excited about this opportunity but do not think you meet every requirement, or feel your experience does not align perfectly, we still want to hear from you.

For your application to be considered, you must include your resume, as well as a cover letter that addresses these two targeted questions:

1. Describe a time when you investigated a security alert that required collaboration with non-technical staff. What specific challenges did you face in communicating technical risks, and how did you adapt your approach to ensure effective resolution?
   
   (300 words maximum)

2. Your queue of security alerts to investigate has 30 new alerts on it.  How would prioritise which alerts to investigate first?  What tools and information sources would you use in the process? (300 words maximum)

As this role requires the successful candidate to demonstrate that they meet the capability to write and prepare material that is well structured and easy to follow, we strongly discourage reliance on tools such as ChatGPT for the preparation of cover letters or answers to targeted questions for this role.

If you are interested in making a positive difference to the people of NSW, click Apply Now.

Applications close midnight Sunday 5 October 2025.

For further information or to obtain a copy of the role description please contact or visit for more information about the Audit Office and the important work we do.